Platform: javascript
Component: lunary-ai/lunary
Fixed in: 1.9.24
CVE-2025-4779 is a stored Cross-Site Scripting (XSS) vulnerability affecting lunary-ai/lunary versions up to 1.9.24. An attacker can inject malicious JavaScript code, potentially compromising user sessions and sensitive data. This vulnerability stems from the improper handling of user-supplied input within the v1/runs/ingest endpoint. A fix is available in version 1.9.24.
This XSS vulnerability allows an unauthenticated attacker to inject arbitrary JavaScript code into the lunary-ai/lunary application. By crafting a malicious request to the v1/runs/ingest endpoint with an empty citations field, the attacker can trigger a code path that utilizes dangerouslySetInnerHTML to render attacker-controlled text. Successful exploitation results in the execution of JavaScript within the context of the user's browser. This can lead to a wide range of malicious actions, including session hijacking, stealing user credentials, defacing the application, and redirecting users to phishing sites. The impact is particularly severe as the vulnerability is unauthenticated, meaning an attacker does not need valid credentials to exploit it.
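The render path described above, modelled in plain JavaScript as an added example (this is not lunary's code; the field names `output` and `citations`, the function names and the sample ingest record are assumptions for illustration). The vulnerable version hands raw text to the markup in the empty-citations branch, the equivalent of `dangerouslySetInnerHTML`; the hardened version escapes in every branch, and `looksLikeMarkup` is the kind of ingest-side check that flags such records before they are stored.

```javascript
// Minimal HTML escaper for text that must be rendered as text, never as markup.
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) => ({
    "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
  })[c]);
}

// Vulnerable shape: when `citations` is empty, the run output is inserted verbatim
// (the equivalent of <div dangerouslySetInnerHTML={{ __html: run.output }} />),
// so attacker-controlled text from the ingest endpoint becomes live markup.
function renderRunVulnerable(run) {
  const citations = Array.isArray(run.citations) ? run.citations : [];
  if (citations.length === 0) {
    return `<div>${run.output}</div>`; // unescaped branch
  }
  return `<div>${escapeHtml(run.output)}</div>` +
    citations.map((c) => `<cite>${escapeHtml(c)}</cite>`).join("");
}

// Hardened shape: every branch escapes; no user text reaches innerHTML raw.
function renderRunHardened(run) {
  const citations = Array.isArray(run.citations) ? run.citations : [];
  const body = `<div>${escapeHtml(run.output)}</div>`;
  return body + citations.map((c) => `<cite>${escapeHtml(c)}</cite>`).join("");
}

// Ingest-side detection: flag stored run fields that contain tag-like markup.
function looksLikeMarkup(s) {
  return /<\s*[a-z!\/]/i.test(String(s));
}

// Constructed sample ingest record (not real traffic): empty citations plus a
// standard XSS test string in the output field.
const sampleRun = { output: '<img src=x onerror="alert(1)">', citations: [] };
```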
CVE-2025-4779 was publicly disclosed on 2025-07-07. No known public proof-of-concept (POC) exploits have been released at the time of writing, but the vulnerability's ease of exploitation suggests that POCs are likely to emerge. The CVSS score of 9.1 (CRITICAL) indicates a high probability of exploitation. It is not currently listed on the CISA KEV catalog.
Organizations utilizing lunary-ai/lunary in production environments, particularly those with public-facing instances of the v1/runs/ingest endpoint, are at risk. Applications that rely on the lunary library for data ingestion and processing are also potentially vulnerable.
• javascript: Inspect the application's JavaScript code for instances of dangerouslySetInnerHTML being used with unsanitized user input. Look for patterns where data from the v1/runs/ingest endpoint is directly rendered without proper escaping.
• generic web: Monitor access logs for requests to v1/runs/ingest with empty citations fields.
grep -E 'v1/runs/ingest\?citations=(&| |"|$)' access.log
EPSS: 0.27% (50th percentile)
The primary mitigation for CVE-2025-4779 is to immediately upgrade to lunary-ai/lunary version 1.9.24 or later. This version contains a fix that properly sanitizes user input, preventing the injection of malicious JavaScript. If upgrading is not immediately feasible, consider implementing a Web Application Firewall (WAF) rule to block requests to the v1/runs/ingest endpoint with empty citations fields. Additionally, carefully review and sanitize all user-supplied input within the application to prevent similar vulnerabilities from arising. After upgrading, confirm the fix by attempting to inject a simple JavaScript payload into the v1/runs/ingest endpoint and verifying that it is not executed.
Update lunary-ai/lunary to version 1.9.24 or later. This version contains a fix for the XSS vulnerability. You can update the package with npm or yarn, depending on your preference.
CVE-2025-4779 is a critical stored Cross-Site Scripting (XSS) vulnerability in lunary-ai/lunary versions up to 1.9.24, allowing attackers to inject malicious JavaScript.
You are affected if you are using lunary-ai/lunary versions prior to 1.9.24 and have the v1/runs/ingest endpoint exposed.
Upgrade to lunary-ai/lunary version 1.9.24 or later. Implement a WAF rule to block malicious requests as a temporary workaround.
While no public exploits are currently known, the vulnerability's severity and ease of exploitation suggest active exploitation is possible.
Refer to the official lunary-ai project repository and release notes for the latest advisory regarding CVE-2025-4779.